
CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published   Public      Updated     ID         CVSS  Title
2026-04-02  2026-04-02  2026-04-02  VU#951662        MuPDF by Artifex contains integer overflow vulnerability.
2026-03-30  2026-03-30  2026-03-30  VU#655822        Kyverno is vulnerable to server-side request forgery (SSRF)
2026-03-30  2026-03-26  2026-03-30  VU#221883        CrewAI contains multiple vulnerabilities including SSRF, RCE and local file read
2026-03-09  2004-12-10  2026-03-24  VU#976247        Retraction of "Antivirus and Endpoint Detection and Response Archive Scanning Engines may not properly scan malformed ZIP archives"
2026-03-24  2026-03-24  2026-03-24  VU#330121        IDrive for Windows contains local privilege escalation vulnerability
2026-03-24  2026-03-24  2026-03-24  VU#577436        Hard coded credentials vulnerability in GoHarbor's Harbor
2026-02-12  2026-02-12  2026-03-19  VU#504749        PyMuPDF path traversal and arbitrary file write vulnerabilities
2025-08-13  2025-08-13  2026-03-17  VU#767506        HTTP/2 implementations are vulnerable to "MadeYouReset" DoS attack through HTTP/2 control frames
2026-01-16  2026-01-16  2026-03-16  VU#383552        The Librarian does not secure its interface, allowing for access to internal system data
2026-03-16  2026-03-16  2026-03-16  VU#624941        LibreChat RAG API contains a log-injection vulnerability
2026-03-12  2026-03-12  2026-03-12  VU#907705        Graphql-upload-minimal has a prototype pollution vulnerability.
2026-03-12  2026-03-12  2026-03-12  VU#665416        SGLang (sglang) is vulnerable to code execution attacks via unsafe pickle deserialization
2026-03-05  2026-02-18  2026-03-05  VU#772695        A flawed TLS handshake implementation affects Viber Proxy in multiple platforms
2026-03-02  2026-03-02  2026-03-02  VU#431821        MS-Agent does not properly sanitize commands sent to its shell tool, allowing for RCE
2025-10-03  2025-10-03  2026-03-02  VU#294418        Vigor routers running DrayOS are vulnerable to RCE via EasyVPN and LAN web administration interface

Sponsored by CISA.